<?php

/*
   This script is vulnerable to XSS
   because the output isn't filtered.
*/


/*
   All information about the user is
   saved in cookies.
*/
   echo 'Error! <br />';
   echo $_GET['error'];
?>